c06b4cdca72a0bb743074472e0d3d8f6

Sharing

Copy URL Twitter E-mail

General

Target

c06b4cdca72a0bb743074472e0d3d8f6
Size

357KB
MD5

c06b4cdca72a0bb743074472e0d3d8f6
SHA1

7fd282fabb759124936395106876408746fea468
SHA256

e438315a0e2488312c7645573149ebad37686eecdfc3f678dc6291415b0792a9
SHA512

981725bf60b25cbe52c7979eb87f2d9e560976629f30880a01f04e2e71a19c6f0c1885d09694a7bf5b17e452fef52384922da36b6597c61b3ba525539cbe4d7a
SSDEEP

6144:6dfOOAtHuikCgirrUVpUIS4T35u6D/VpTecmIPM3ZpnWyzGPrX9olinC4DYS4v++:HOUO+girrUUISUgaipWyzGbYuC+YSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c06b4cdca72a0bb743074472e0d3d8f6

Files

c06b4cdca72a0bb743074472e0d3d8f6
.exe windows:5 windows x86 arch:x86

23c06853a5683f7b344d9659902beb33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetConsoleWindowInfo
GetStartupInfoA
VirtualFree
FindFirstVolumeA
OpenWaitableTimerW
LoadLibraryA
WaitForMultipleObjects
WaitForSingleObject
IsProcessInJob
OutputDebugStringA
GetCommModemStatus
BaseCleanupAppcompatCacheSupport
GetTapeStatus
CreateTapePartition
GetCurrentThread
FindResourceW
EnumLanguageGroupLocalesA
LocalFileTimeToFileTime
RegisterWaitForSingleObjectEx
SignalObjectAndWait
GetUserDefaultLCID
SetConsoleOS2OemFormat
VirtualAlloc
GetCurrentActCtx
HeapCreate
FatalAppExitA
HeapSetInformation
LZSeek
GetConsoleAliasesA
FindNextVolumeA

ntdll

ZwCreateDirectoryObject
RtlAreAnyAccessesGranted
NtFlushVirtualMemory
RtlCompareString
NtReplyWaitReceivePort
LdrAddRefDll
ZwCreateEvent
DbgUiConvertStateChangeStructure
ZwQueryMutant
RtlCopyString
ZwSetTimerResolution
RtlInitializeRXact
RtlLargeIntegerNegate
ZwRaiseHardError
RtlIpv6AddressToStringW
RtlAcquireResourceExclusive
NtRenameKey

user32

IMPQueryIMEW
GetMonitorInfoW
SetMenuDefaultItem
BeginDeferWindowPos
GetWindow
GetMenuInfo
IsClipboardFormatAvailable
EndDeferWindowPos
RegisterRawInputDevices
CreateWindowExA
DlgDirSelectComboBoxExA
GetDC
GetMenuItemInfoA
MessageBeep
PeekMessageW
DrawAnimatedRects
GetKeyboardLayoutList
LoadCursorFromFileW
GetAppCompatFlags
InsertMenuA
GetMessageA
wsprintfW
EnumWindows
EnumPropsExW
CallWindowProcW
GetWindowLongW
EmptyClipboard
RemovePropW
LockSetForegroundWindow
EnumChildWindows
SoftModalMessageBox
TileWindows
EnumDisplaySettingsW
LoadCursorW
LoadMenuIndirectW
DefRawInputProc
MapWindowPoints
DdeGetData

dciman32

DCISetClipList
WinWatchGetClipList
DCICreateOverlay
DCIDestroy
WinWatchDidStatusChange
DCIBeginAccess
DCIDraw
DCIOpenProvider
GetDCRegionData
GetWindowRegionData
WinWatchNotify
DCICreateOffscreen
DCICreatePrimary
DCISetDestination
DCIEnum
DCIEndAccess
WinWatchOpen
DCISetSrcDestClip
WinWatchClose
DCICloseProvider

odbc32

SQLCopyDesc
SQLPrepareA
OpenODBCPerfData
SQLGetDescRecW
SQLGetDescField
SQLDriverConnectW
SQLColAttributes
SQLSetConnectOption
SQLMoreResults
SQLFetchScroll
PostODBCComponentError
SQLStatistics
SQLFreeHandle
SQLProceduresA
SQLExecDirectA
SQLBulkOperations
SQLColumnsW
SQLGetData
SQLColumns
CursorLibLockDbc
SQLConnectW
SQLAllocStmt
SQLColAttributeA
SQLGetDiagRec
SQLTablesW

Sections

.text
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23c06853a5683f7b344d9659902beb33

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

user32

dciman32

odbc32

Sections

.text Size: 343KB - Virtual size: 343KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 381KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 384B

.text
Size: 343KB - Virtual size: 343KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 381KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 384B